Abstract
This document folows specification of authorization documents suggested by [common auth] and defines document format for storing rules for authorization of instant messages.
User sending the instant message represented by URI present in From header field.
User receiving the instant message represented by AOR/To URI.
Instant message authorization document is XML document formated according to schema defined in [common auth]. It inherits MIME type of common policy documents defined there - application/auth-policy+xml.
All XML elements designed in this document belong to “urn:iptel:xml:ns:im-rules” namespace.
Conditions are processed according specification in [common auth].
If the "instant messaging server" (proxy) trying to resolve authorization rules is bound together with presence server it can take the sphere value from presence server as defined in [presence auth], otherwise is sphere value considered undefined in terms of common policy processing.
This document defines one action - <im-handling>. It is defined an enumerated integer type (like sub-handling in [presence auth]). Possible values are:
The message should not be delivered to the user and should be rejected with 403 Forbidden result code. This is the dafault value of im-handling.
The message should be delivered to the destination user.
In the future may these values change.
If there are more matching rules, the resulting action will be the maximum of their <im-handling> values.
<?xml version="1.0"?> <ruleset xmlns="urn:ietf:params:xml:ns:common-policy" xmlns:im="urn:iptel:xml:ns:im-rules"> <rule id="whitelist"> <conditions> <identity> <id>sip:jan@test-domain.com</id> <id>sip:pavel@test-domain.com</id> <id>sip:vasek@test-domain.com</id> <id>sip:ja@test-domain.com</id> </identity> </conditions> <actions> <im:im-handling>allow</im:im-handling> </actions> <transformations/> </rule> <rule id="blacklist"> <conditions> <identity> <id>sip:smith@test-domain.com</id> </identity> </conditions> <actions> <im:im-handling>block</im:im-handling> </actions> <transformations/> </rule> </ruleset>
This document defines “im-rules” as unique application usage ID (AUID) requiered by XCAP specification.